Certified Information Systems Auditor (CISA) — Question 1303

An organization's strategy to source certain IT functions from a software as a service (SaaS) provider should be approved by the:

Answer options

• A. IT steering committee.
• B. chief financial officer (CFO).
• C. IT operations manager.
• D. chief risk officer (CRO).

Correct answer: A

Explanation

The IT steering committee is responsible for overseeing IT strategies and ensuring alignment with organizational goals, making it the appropriate body to approve sourcing from a SaaS provider. The other roles, while important, do not have the same level of oversight or strategic authority in this context.